in 0.00 s
This is Blog-Repost: I did this earlier than the above Date suggests :)
PSI is a nice jabber client which I use mostly for work and also for some private contacts.
I had forgotten my jabber password, which was saved in PSI. I needed it to test another jabber client, so I wanted it back. But no, they had to make it unnecessarily hard. There is a commercial program to recover it, it is called AIMPR (Advanced IM Password Recovery) - But I dislike paying money for this.
So had to spend quite some time until i found the solution. I present it here, so others don't have to spend their time.
config.xml
If you have only Ascii characters in your password, you can try this line of perl:
perl -le '($jid,$pw)=@ARGV;$pw=~s/..(..)/chr hex$1/ge; \
print substr($pw^$jid,0,length$pw)' \
user@jabber.server 000100020003007e
This information is relevant for PSI 0.92 - The author seemed displeased with me disclosing this information, so expect the algorithm to change.
Have fun.
Sec
P.S.: (added 2005-08-02)
WARNING: As it stands, PSI 0.10 and newer versions will remove saving of PGP passphrases completely. This means they will delete your PGP passphrase from the config file without notice!
The jabber password is still obfuscated the same way last time I checked.
P.P.S.: (added 2007-03-20)
There are of course other ways to recover the password. But I have to say, my method is much simpler and quicker :-)
To encode lots of password (for lots of user) just a simple VBScript function:
function psi_encode(psi_user,psi_pass) for x = 1 to len(psi_pass) tmp_result = lcase(hex((asc(mid(psi_pass,x,1)) xor asc(mid(psi_user,x,1))))) for y = 1 to (4-len(tmp_result )) tmp_result = "0" & tmp_result next result = result & tmp_result next psi_encode = result end function
here's a python one-liner that does the same:
python -c "import sys,re,math,itertools; print ''.join( [chr(eval('0x'+found) ^ ord(sys.argv[1][index])) for found, index in itertools.izip(re.findall('.{4}', sys.argv[2]), itertools.count())])" user@jabber.server 000100020003007e
Here is something quick and dirty that works in C. I took the source and translated it.
#include <stdio.h>
#include <string.h>
char password[ 1024 ];
int hexChar2int(char c)
{
if(c >= 'A' && c <= 'F')
return c - 'A' + 10;
else if(c >= 'a' && c <= 'f')
return c - 'a' + 10;
else if(c >= '0' && c <= '9')
return c - '0';
return 0;
}
void decodePassword( const char *pass, const char *key )
{
unsigned int n1, n2;
typedef unsigned short ushort;
int password_index = 0;
unsigned char c;
//if(key.length() == 0)
//return pass;
for( n1 = 0, n2 = 0; n1 < strlen( pass ); n1 += 4 )
{
ushort x = 0;
if(n1 + 4 > strlen( pass ) )
break;
x += hexChar2int( pass[ n1 ] ) * 4096;
x += hexChar2int( pass[ n1+1 ] ) * 256;
x += hexChar2int( pass[ n1+2 ] ) * 16;
x += hexChar2int( pass[ n1+3 ] );
c = ( unsigned char )( x ^ key[ n2++ ] );
password[ password_index++ ] = c;
if( n2 > strlen( key ) )
n2 = 0;
}
}
int main( void )
{
decodePassword( "Encrypted password from config.xml here", "user_name@jabber.org" );
printf( "Password:%s\n", password );
return 0;
}
the 2 includes should be stdio.h and string.h
Well, if you ever get into the situation that you want to ENcode passwords (without vbscript ;) ) :
#include <stdio.h>
#include <string.h>
#include <iostream>
int main (int argc, char *argv[]) {
std::string result;
const char *key = argv[1];
const char *pass = argv[2];
unsigned int n1, n2;
if(strlen(key) == 0) {
std::cout << pass << std::endl;
return 0;
}
for(n1 = 0, n2 = 0; n1 < strlen(pass); ++n1) {
ushort x = pass[n1] ^ key[n2++];
char *hex = new char[1];
sprintf(hex, "%04x", x);
result += hex;
if(n2 > strlen(key))
n2 = 0;
delete[] hex;
}
std::cout << result << std::endl;
return 0;
}
Great work~~ you save my account from hell..
by the way, I offer a python cmdline solutions: ---------------------------------------------------
python -c "import sys; u,p=sys.argv[1:3]; print \"\".join([ chr(ord(u[x]) ^ eval(\"0x%s\"%(p[4*x:4*x + 4]))) for x in xrange(len(p)/4) ]);" user@jabber.server 000100020003007e
Does this work with 0.13?
«How to recover your jabber password from PSI. 1. Search for your "config.xml"...»
But I have some problem: I can not to find this file "config.xml". :-( Where is it?
It is not in the :\Documents and Settings\, or in the :\Program Files\Psi\
Psi v0.12
Krunch wrote on Mon, 28 Nov 2005 21:04
Thank you for the Perl line. If anybody is interested, the code that encode/decode the password is located in common.cpp (encodePassword() and decodePassword()) and is called from psi_profiles.cpp.